Lucene search
K
LinuxLinux Kernel6.15.11

6 matches found

CVE
CVE
added 2025/10/28 11:48 a.m.31 views

CVE-2025-40082

CVE-2025-40082 targets the Linux kernel’s hfsplus code and causes a slab-out-of-bounds read in hfsplus_uni2asc() when listing extended attributes. The issue arises because the expected unicode buffer structure size varies (hfsplus_attr_unistr vs hfsplus_unistr), so a previous fix was insufficient...

7.1CVSS6.1AI score0.00182EPSS
CVE
CVE
added 2025/09/05 5:20 p.m.27 views

CVE-2025-38736

Technical details about CVE-2025-38736 are not provided in the connected documents. The initial description notes a Linux kernel MDIO PHY address masking fix (mask with 0x1f) in net: usb: asix_devices to prevent OOB/invalid MDIO addresses. Connected advisories reference the CVE, but do not supply...

7.1CVSS5.8AI score0.00149EPSS
CVE
CVE
added 2025/10/13 1:48 p.m.27 views

CVE-2025-39965

CVE-2025-39965 concerns the Linux kernel where xfrm_alloc_spi incorrectly treated 0 as a valid SPI. A state with x->id.spi == 0 was added to the byspi list, and __xfrm_state_delete failed to remove such states, leading to a use-after-free vulnerability on list traversal. The issue is resolved ...

5.5CVSS6.1AI score0.00177EPSS
CVE
CVE
added 2026/05/28 9:36 a.m.26 views

CVE-2026-46146

CVE-2026-46146 affects the Linux kernel's ALSA USB audio stack, specifically the convert_chmap_v3() routine. A loop uses cs_desc->wLength for increment but this value isn’t validated, allowing a potential endless loop with malformed descriptors. The issue is resolved by adding a proper size ch...

5.5CVSS5.8AI score0.00128EPSS
CVE
CVE
added 2026/05/27 12:17 p.m.24 views

CVE-2026-45924

Summary: CVE-2026-45924 affects ksmbd in the Linux kernel. The vulnerability arises because ksmbd_vfs_kern_path_end_removing() is not called on certain error paths, leaving inode locks and references unbalanced after a prior ksmbd_vfs_kern_path_start_removing(). This can cause potential deadlocks...

5.5CVSS5.8AI score0.0012EPSS
CVE
CVE
added 2026/04/24 2:35 p.m.20 views

CVE-2026-31559

This CVE (CVE-2026-31559) affects the LoongArch implementation in the Linux kernel. The issue is a missing NULL check in kstrdup() during device-tree processing, fixed by replacing of_find_node_by_path("/") with of_root to avoid multiple of_node_put() calls, and by preventing a kernel oops during...

5.5CVSS5.3AI score0.00122EPSS